I was copying a file from one box to antoher and the box I was copying to (and logged into) went BSOD. It's suspicous because it has typically been a good box and recently installed SP1 a few days ago. Has anyone run into this? thank you Microsoft (R) Windows Debugger Version 6.11.0001.404 AMD64 Copyright (c) Microsoft Corporation. All rights reserved. Loading Dump File [C:\WORKING\hv52debug\MEMORY.DMP] Kernel Summary Dump File: Only kernel address space is available Symbol search path is: SRV*C:\symbolfiles*http://msdl.microsoft.com/download/symbols;C:\Symbols Executable search path is: Windows 7 Kernel Version 7601 (Service Pack 1) MP (8 procs) Free x64 Product: Server, suite: Enterprise TerminalServer SingleUserTS Built by: 7601.17592.amd64fre.win7sp1_gdr.110408-1631 Machine Name: Kernel base = 0xfffff800`0160b000 PsLoadedModuleList = 0xfffff800`01850650 Debug session time: Thu May 19 19:42:51.587 2011 (GMT-7) System Uptime: 5 days 16:57:30.534 Loading Kernel Symbols ............................................................... ................................................................ .. Loading User Symbols Loading unloaded module list ....... ******************************************************************************* * * * Bugcheck Analysis * * * ******************************************************************************* Use !analyze -v to get detailed debugging information. BugCheck C2, {7, 109b, d000700, fffffa801c5f21ff} Probably caused by : mrxsmb.sys ( mrxsmb!SmbCseFinalizeBufferContext+ed ) Followup: MachineOwner --------- 1: kd> !analyze -v ******************************************************************************* * * * Bugcheck Analysis * * * ******************************************************************************* BAD_POOL_CALLER (c2) The current thread is making a bad pool request. Typically this is at a bad IRQL level or double freeing the same allocation, etc. Arguments: Arg1: 0000000000000007, Attempt to free pool which was already freed Arg2: 000000000000109b, (reserved) Arg3: 000000000d000700, Memory contents of the pool block Arg4: fffffa801c5f21ff, Address of the block of pool being deallocated Debugging Details: ------------------ BUGCHECK_STR: 0xc2_7 DEFAULT_BUCKET_ID: VISTA_DRIVER_FAULT PROCESS_NAME: System CURRENT_IRQL: 0 LAST_CONTROL_TRANSFER: from fffff800017b5be9 to fffff8000168ad00 STACK_TEXT: fffff880`0874ba78 fffff800`017b5be9 : 00000000`000000c2 00000000`00000007 00000000`0000109b 00000000`0d000700 : nt!KeBugCheckEx fffff880`0874ba80 fffff880`0363984d : fffffa80`12fbc1c0 fffffa80`12fbc240 fffffa80`12fbc240 fffffa80`18cfc010 : nt!ExDeferredFreePool+0x1201 fffff880`0874bb30 fffff880`036bb77f : fffffa80`18cfc010 fffffa80`1c067010 fffffa80`1c067010 fffff880`0363a610 : mrxsmb!SmbCseFinalizeBufferContext+0xed fffff880`0874bb60 fffff880`0363b73d : fffff8a0`08e667c0 00000000`00000500 fffffa80`12fbc1c0 fffffa80`12fbc1c0 : mrxsmb20!Smb2Read_Restart+0xb3 fffff880`0874bbe0 fffff880`036410e3 : fffffa80`142eda00 fffffa80`15228e70 fffffa80`12fbc1c0 fffffa80`00000001 : mrxsmb!SmbCeInitiateExchange+0x4d1 fffff880`0874bc50 fffff880`0139f1b1 : fffff880`013ba4a8 fffff880`013ba4a8 00000000`00000001 fffffa80`12fbc280 : mrxsmb!SmbCepResumeExchangeWorker+0x47 fffff880`0874bc80 fffff800`0192732e : fffff880`013ba4a8 fffff880`013ba8f8 fffffa80`12f1fb00 fffff800`01682800 : rdbss!RxpWorkerThreadDispatcher+0x1a1 fffff880`0874bd40 fffff800`0167c666 : fffff880`009bf180 fffffa80`143feb60 fffff880`009ca0c0 fffff880`0146b384 : nt!PspSystemThreadStartup+0x5a fffff880`0874bd80 00000000`00000000 : fffff880`0874c000 fffff880`08746000 fffff880`0874b970 00000000`00000000 : nt!KiStartSystemThread+0x16 STACK_COMMAND: kb FOLLOWUP_IP: mrxsmb!SmbCseFinalizeBufferContext+ed fffff880`0363984d 4885ff test rdi,rdi SYMBOL_STACK_INDEX: 2 SYMBOL_NAME: mrxsmb!SmbCseFinalizeBufferContext+ed FOLLOWUP_NAME: MachineOwner MODULE_NAME: mrxsmb IMAGE_NAME: mrxsmb.sys DEBUG_FLR_IMAGE_TIMESTAMP: 4d649376 FAILURE_BUCKET_ID: X64_0xc2_7_mrxsmb!SmbCseFinalizeBufferContext+ed BUCKET_ID: X64_0xc2_7_mrxsmb!SmbCseFinalizeBufferContext+ed Followup: MachineOwner --------- BarrySDCA

Bug Check Code 0xC2: http://msdn.microsoft.com/en-us/library/ff560185%28v=VS.85%29.aspx You have to enable Driver Verifier to identify the faulty driver. You can also update all possible drivers. If a Microsoft Moderator will be here, he will reply with (Even if what I said is the right answer): Please understand that to troubleshoot the blue screen issues, we usually need to perform debugging. However, in this forum, we do not provide debugging support. If you would like to perform debugging, please contact Microsoft Customer Support Service (CSS). To obtain the phone numbers for specific technology request, please refer to the website listed below: http://support.microsoft.com/default.aspx?scid=fh;EN-US;PHONENUMBERS If you are outside the US, please refer to http://support.microsoft.com for regional support phone numbers. This posting is provided "AS IS" with no warranties or guarantees , and confers no rights. Microsoft Student Partner Microsoft Certified Professional Microsoft Certified Systems Administrator: Security Microsoft Certified Systems Engineer: Security Microsoft Certified Technology Specialist: Windows Server 2008 Active Directory, Configuration Microsoft Certified Technology Specialist: Windows Server 2008 Network Infrastructure, Configuration Microsoft Certified Technology Specialist: Windows Server 2008 Applications Infrastructure, Configuration

Hi, In addition, please also try to install the hotfix from the following Microsoft KB article to update the mrxsmb.sys: MS11-019: Vulnerabilities in SMB Client could allow remote code execution: April 12, 2011 http://support.microsoft.com/kb/2511455 If the issue persists, contact Microsoft CSS as Mr X mentioned for further assistance. Regards,Please remember to click Mark as Answer on the post that helps you, and to click Unmark as Answer if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread.